Field of the Invention
The present invention relates generally to the field of disk drive data sanitation and more particularly to a system and method of automatically resetting an encryption key on an encrypted disk drive before wiping.
Description of the Prior Art
Hardware-based full encryption of a disk drive is a technique known in the art to protect data on a disk in a manner that is transparent to any computer or operating system attached to or running the drive. Special circuits on the drive itself perform hardware symmetric encryption of all data being written to the disk and decryption of all data being read from the disk. The encryption is typically a very secure symmetric technique such as the Advanced Encryption Standard (AES) using a 128 or 256 bit key.
Authentication is usually supplied during boot-up as a BIOS event that allows the main key to be made available to the encryption circuitry . The system BIOS may require a password or other security measure. Without this, the drive will not decrypt stored data, and the system cannot boot or otherwise read the hard drive. The drive itself, usually requires an authentication code that may be as long as 32 bits in order to unlock. In most cases, this authentication code is used to decode an encrypted symmetric key using a second encryption technique (that may be identical to the main technique or may be different).
The AES or other key is stored in the hard drive controller hardware or chipset dedicated to encryption. It cannot be read out, and is usually encrypted when not in use. However, it can be changed to a new key with proper authentication. Once the change is made to a new key, none of the data already stored on the disk can be read (more precisely, none of the encrypted, stored data can be correctly decrypted) rendering the disk safe from data loss or readout. A key change is typically accomplished by issuing a cryptographic erase or key reset command to the disk drive after proper authentication. In almost all cases, the disk drive hardware itself generates the new key. That way, the new key is never transferred to or from the outside world in any way, and each new key can be assured to have proper strength (not be a weak key like all ones, all zeros or the like). Some disk drive systems save an encrypted version of the previous symmetric key to allow data recovery in the case of an accidental cryptographic erase; however, this weakens the security and is not widely used. Usually, once a symmetric key is changed, it cannot be recovered by any means. Since it was generated automatically by hardware internal to the disk, it is never transferred outside the disk, and there is no record of it anywhere.
Disk wiping is also known in the art. This is the process of over-writing sectors with known data patterns. It is possible to remove all data from a hard disk thus rendering it safe by writing every sector with a known pattern. Some standards (such as some U.S. Department of Defense standards) require that every sector be over-written three times or some other number of times, and in some cases with a different data pattern each time. This can be very time consuming taking many hours with large disks. Typical disk over-write patterns (on a byte basis) may be alternating patterns such as 0x55 for the first pass, 0xAA for the second pass, and 0x3C for the third pass for example.
There are commercial disk-wiping systems known in the art that can automatically wipe a particular disk according to a particular standard and can be controlled remotely. These systems control the wiping process for start to finish and can guarantee that every sector has been wiped the required number of times.
There are other problems with disk wiping besides the length of time it takes. One of these problems is that some hard disks dynamically allocate tracks to reduce overhead or to remove bad tracks from service. This creates the danger of old plain-text data magnetically (or electronically) residing on a track (or sector) that has been de-allocated and cannot be directly reached by normal addressing. Thus, as a wipe algorithm walks through all possible disk address, it fails to over-write these areas (since they have been dynamically removed from the address space). With some drives, it is possible to locate and wipe these regions; however, with others, there may be no way to be sure that everything has been over-written.
It would be advantageous to have a system and method that could be used with self-encrypting hard disks or other storage devices to quickly make sure that all written data is useless (within milliseconds) no matter where written, and then to also over-write all available sectors a predetermined number of times so that a disk owner is guaranteed there is no useable data left on the device, and that not even the wipe program itself can access any data that was previously stored.